# -*- coding: utf-8; mode: tcl; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- vim:fenc=utf-8:ft=tcl:et:sw=4:ts=4:sts=4

PortSystem          1.0

name                prelude-lml
version             5.2.0
revision            6
categories          security
license             GPL-2+
maintainers         {ctreleaven @ctreleaven} openmaintainer

description         Prelude Sensor for analyzing logs and collecting Syslog events

long_description \
        Prelude is an Hybrid intrusion detection system framework that relies on the \
        IDMEF (Intrusion Detection Message Exchange Format) IETF standard.  It enables \
        security sensors such as Snort, honeyd, Nessus Vulnerability Scanner, Samhain, \
        over 30 types of system logs, and many others to verify an attack \
        by performing automatic correlation between events.  This port provides the \
        \'log monitoring lackey\'

homepage            https://www.prelude-siem.org/
master_sites        ${homepage}pkg/src/${version}/

checksums           rmd160  78c3947a9d50ffa7757374bab3394ccc753dffe5 \
                    sha256  6d386d02fea12e45e215f038b19572278414ddbc75d7f9d9f2a43171ba5faf5f \
                    size    1584414

depends_build-append \
                    port:pkgconfig

depends_lib         path:lib/pkgconfig/icu-uc.pc:icu \
                    path:lib/pkgconfig/gnutls.pc:gnutls \
                    port:pcre \
                    port:libprelude

patchfiles          dynamic_lookup-11.patch

configure.args      --disable-silent-rules \
                    --mandir=${prefix}/share/man

destroot.keepdirs \
        ${destroot}${prefix}/var/lib/prelude-lml

post-destroot {
        reinplace "s|= /var/log/messages|= /var/log/system.log|g" \
            ${destroot}${prefix}/etc/prelude-lml/prelude-lml.conf
}

test.run            yes
test.target         check
# 4 failed tests - appear to relate to stdin not a tty, ie not a problem

notes-append "
Please see ${homepage} for configuration that must be complete before the first run."

startupitem.create      yes
startupitem.executable  ${prefix}/bin/${name}

livecheck.url       ${homepage}projects/prelude/files